Vint Cerf Keeps Blaming Himself For IPv4 Limit
netbuzz writes "Everyone knows that IPv4 addresses are nearly gone and the ongoing move to IPv6 is inevitable if not exactly welcomed by all. If you've ever wondered why the IT world finds itself in this situation, Vint Cerf, known far and wide as one of the fathers of the Internet, wants you to know that it's OK to blame him. He certainly does so himself. In fact, he does so time and time and time again."
Here's an interview where he says it:
http://www.velocityreviews.com/forums/t576610-alan-cox-on-software-patents.html
"""Alan Cox: The same has happened with IP version 6. You notice that everyone
is saying IP version 6 is this, is that, and there's all this research
software up there. No one at Cisco is releasing big IPv6 routers.
Not because there's no market demand, but because they want 20
years to have elapsed from the publication of the standard before
the product comes out -- because they know that there will be
hundreds of people who've had guesses at where the standard
would go and filed patents around it. And it's easier to let things
lapse for 20 years than fight the system."""
(More info would be good - any other prominent techs saying this?)
At the time, XNS, the Xerox protocol for Ethernet networks, was in use. It had 24 bits for the network number, and 24 bits for the device ID. Thinking at the time was that each network would be a local LAN, and "internetworking" would interconnect LANs. Xerox was thinking of this as a business system, with multiple machines on each LAN. So XNS had a 48-bit address space. That's what we call a "MAC address" today.
The telephony people were pushing X.25 and TP4, which used phone numbers for addressing. Back then, phone numbers were very hierarchical; the area code and exchange parts of the number determined the routing to the final switch. "Number portability", where all the players have huge tables, was a long way off.
The problem with a big address space is that memory was too expensive in those days to deal with huge address tables. A big issue was locative vs non-locative address spaces. In a locative address space, there's a hierarchy - you can take some part of the address and make a local decision about what direction to go, even if you don't have enough detailed information to get to the final destination. IP was originally organized like that - routers looked up class A, B, and C networks. A huge, flat address space implemented using multi-level caches was way beyond what you could do in a router back then. Routers used to be dinky machines, with less than one MIPS and maybe 256K of RAM.
There was a lot of worry about packet overhead. Each key press on a terminal sends 41 bytes over a TCP/IP network. That was a big deal when companies had long-haul links in the 9600 to 56Kb/s range. Adding another 24 bytes to each packet to allow for future expansion seemed grossly excessive. Especially since the X.25 people had far less overhead.
So there were good reasons not to overdesign the system. I don't blame Cerf for that.
The foot-dragging on IPv6 is excessive. The big deployment problem was getting it into everyone's Windows desktop. That's been done.
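The locative lookup the post describes (take the class bits of the destination, find the network, forward on that alone) can be shown in a few lines. This is an added example, not code from the thread or from any router; the route table and the host list are constructed sample data, and the link names are placeholders.

```python
import ipaddress

# Constructed sample table: one entry per classful network, not per host.
ROUTES = {
    "10.0.0.0/8": "link-a",      # class A: first octet 0-127
    "128.9.0.0/16": "link-b",    # class B: first octet 128-191
    "192.5.39.0/24": "link-c",   # class C: first octet 192-223
}


def classful_network(addr: str) -> str:
    """Return the classful network a destination belongs to.

    The decision uses only the leading bits of the address, which is
    what makes the address space 'locative': a router can pick a
    direction without knowing anything about the final host.
    """
    ip = ipaddress.IPv4Address(addr)
    first_octet = int(ip) >> 24
    if first_octet < 128:
        prefix = 8
    elif first_octet < 192:
        prefix = 16
    elif first_octet < 224:
        prefix = 24
    else:
        raise ValueError(f"{addr}: class D/E addresses have no classful network")
    # strict=False zeroes the host bits so we get the network itself.
    return str(ipaddress.IPv4Network((int(ip), prefix), strict=False))


def next_hop(dst: str, routes=ROUTES, default="upstream") -> str:
    """Forward on the network part alone; unknown networks go to the default route."""
    return routes.get(classful_network(dst), default)


def table_sizes(hosts):
    """Compare a flat per-host table with a classful per-network table.

    Returns (flat_entries, classful_entries) for the given destination hosts.
    """
    flat = len(set(hosts))
    classful = len({classful_network(h) for h in hosts})
    return flat, classful


if __name__ == "__main__":
    sample_hosts = ["10.1.2.3", "10.200.1.1", "128.9.0.32", "128.9.7.7", "192.5.39.7"]
    for h in sample_hosts:
        print(h, "->", classful_network(h), "via", next_hop(h))
    print("table entries (flat, classful):", table_sizes(sample_hosts))
```

The point of `table_sizes` is the memory argument from the post: a flat table grows with the number of hosts, a classful one only with the number of networks, which is what a sub-MIPS router with 256K of RAM could afford to hold.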
Except IPv6 is hierarchical, for that very reason. Routing tables can be much, much smaller than they are on IPv4.
Not a typewriter
Never, or in more practical terms, less than 6 years after the expiration of the patent. Patents need not be defended like trademarks, and you can "back sue" for up to 6 years of infringement. There was a recent story on /. about a company that bought a little known patent right before it expired, then went about suing everybody and anybody for infringement *after* the expiration, but going back 6 years for damages.
Is it just my observation, or are there way too many stupid people in the world?
Because, since all the hosts behind a NAT share a single routable address, that means to make inbound connections, you need to set up port forwarding. So, say I want to run Skype (which likes to have an inbound port), a game server, and a VoIP application, all of which need to be able to accept inbound connections. Well, to do that, on the NAT Gateway, I need to set up 3 ports to be forwarded to my computer. Only I can use those 3 ports, no one else can. Which means with 64k ports available on the NAT, you can probably only set up port forwarding service for maybe 10k-20k customers. You *might* be able to alleviate this a little bit by using multiple 'public' IPs - say one public IP for every 5000-10000 users on the ISP network.
There's also the issue of 'well known ports' - let's say I want to run a web server - well, almost all browsers expect a web server to respond to connections made to either port 80 or port 443 (for SSL encrypted connections). Likewise SSH, telnet, FTP, rdist, etc all typically use well-known ports. Games using iD Software engines usually accept inbound connections on a particular well-known port (27960). Only one computer per public IP may have port 80 or 443, or whatever, forwarded.
Also, perhaps even more importantly, every outbound connection also uses a port associated with the public IP address being used for NAT. Again, using one public IP for a few thousand users might give you enough ports to mostly work.
Basically, in a world where everyone is behind a NAT, no one can ever accept in-bound traffic from off the 'local' network (I put local in quotes, because in the case of Large Scale NAT, you could probably talk to all the other customers of your ISP directly, but not anyone who uses a different ISP), even when they *WANT* to. Some people like the 'comfort' of thinking that NAT somehow protects them better than a firewall, but I'd personally prefer routable addresses for all my devices, with a firewall that I control on my home router to block in-bound access. That way, I can simply open ports when I *want* inbound traffic, and leave all others closed - but when I do want to run services